Re: medical image database

> Second issue you need to take care is the application security. In> reality, you would need to orchestrate your entire application security> around the image field in your database - like who can edit it, read it,> dump it, etc. So design your application security schema with> considerable thought.

yes, absolutely. But what do you mean by ''orchestrate your ... security
around the image field '' ? Security applies to all the data, not just the
images. And I suspect the security of the person records is in face even more
important than that of the image data.

> On the whole, storing the images as files in the file system is dumb.

no, I disagree. There are good reasons to keep these images in plain
filesystem files. The most important reason being the interoperability with
lots of (home-grown, legacy) analysis programs, which general will rely on
the names of files in order to access them. I know of no database where you
can say UPDATE test_scans apply Gaussian(IMAGE, 1,2,3,4) WHERE capture_date
BETWEEN 1-May-1998 and 14-may-1998, or something of the sort. By storing
everything in a database, you add an additional nightmare of
exporting/importing images from/into the database, with no additional
benefit.

Lastly, images need not be transactional, as long as you have backups.
(but ideally, the filenames should be transactional ...).

I'm sure there are specialized DBMSs for image mangement, but I'm not an
expert on that.

> "I> Love You" virus ate a lot of such image banks all over the world, a few> months ago. Encapsulating them in some repository would have prevented> this.

And so would choosing a decent operating system and/or decent backup
mechanism in the first place! Sorry, but I find this a totally ridiculous
argument to put images inside a database. Especially given the security
considerations already mentioned, and the very weak track record of the
software vendor that has exposed quite a few people to viruses of the
IloveYou type.